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ABSTRACT 


Methods for approximating the system hazard function are 
developed for systems which have constant component failure 
rates. The approximations are applicable to systems which 


are "highly reliable," e.g., all component reliabilities 
greater than 0.9 and system reliability greater than 0.95. 

Three approximations are developed. The first-order ap- 
proximation is based on the system Pais of least size 
eee cuts). The fix-up approximation is based on the 
minimal cuts of the system and is an extension of the methods 
used in NAVWEPS OD 29304. The second-order approximation is 
a more accurate extension of the first-order approximation. 

The advantages peculiar to each of these approximations 
are: 

(l) firstserdem: sasy to calculate, 

(2) fix-up: never leads to an overestimate of system 

reliability, 


(3) second-order: relatively more accurate. 
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fae NE RODUCTION 


This thesis deals with probabilistic approximations for 
system reliability as opposed to statistical estimators of 
component or system failure rates. The problem addressed 
herein is that of approximating the probability of failure as 
a function of time for a system whose components have known 
(or estimated) constant failure rates. 

It has been shown [1] that a system of constant failure 
rate components will not have a constant system failure rate 
unless all components are in series. When all components are 
in series the system failure rate is the sum of the component 
failure rates, a simple calculation requiring no approxima- 
tions. When all components are not in series the system fail- 
ure rate 1s a function of time; usually it is a rather 
complicated function. In the latter case simple approxima- 
tions have great practical usefulness. 

The function approximated in this thesis is the system 
hazard function. The hazard function is a very convenient 
device when a system consists of a series of subsystems, and 
some of the subsystems have components in parallel. The sys- 
tem hazard function is simply the sum of the subsystem 
Peazanvemraunctlons, and the system reliability is the exponen- 
tial of the negative of the system hazard function. The only 
difficulty in determining system reliability, then, is deter- 


mining the hazard function for those subsystems which do not 





have all components in series. It is to this end that simple 
approximate methods for determining the hazard function are 
developed in this paper. 

The system hazard function can be formulated as a function 
of the component failure rates and of time (mission length). 
Bounds on the value of the hazard function for any mission 
length are developed in [2]. The approximations developed 
in this paper are useful for systems of variable mission 
length, however, the accuracy of the approximations is gener- 
ally acceptable only in the range of mission lengths for 
which system reliability is "high" (e.g., component reliabil- 
ities at least 0.9 and system reliability at least 0.95). 

Three methods of approximating the system hazard function 
are developed in this paper: 

(1) fiiest—-order approximation 

(2) fix-up approximation 

(3) second-order approximation. 

The first-order approximation has the form a(At)> when compo- 
nent failure rates are all equal. When component failure 
rates are not all equal the first-order approximation has the 
form )M (At). The fix-up and the second-order approximations 
are made up of terms of the same form as the first-order 
approximation. The fix-up approximation is an extension of 
the methods used in [3]. When the methods of [3] can be 


applied unambiguously they give the same result as the fix-up 


approximation. 





None of these approximations requires the complete compu- 
tation of the system reliability function. This is of 


definite practical advantage in complex systems. 





it. DEPINITIONS AND EXAMPLES 


A convenient vehicle for illustrating definitions is 
the 2-out-of-3 system. A 2-out-of-3 system consists of 
three components: it functions if any two components func- 
tion or all three components function. If less than two 


components function, the system fails. 


Peo oY ole os | RUCTURE 

All components and systems are considered to be two-state 
devices in the sense that they either "function" or "fail." 
We use the symbol x, to represent the state of the i-th 
COmponent : 


x; = 0 Tiwi ne i-th component fails, 


I if vthe 1-theeenponent functions. 
i -Condweken. Vector 

In a system consisting of n components the vector 
c= (Xp 4062 4%)) represents the state of all the components 
in the system. We say x describes the "condition" of the sys- 
tem. Superscripts are used to distinguish different conditions 
of the system, e.g., xt ; x? 
The possible conditions of a 2-out-of-3 system are 


Shown in Figure l. 








Figure 2. Conditions of a 2-out-of-3 System. 


Zoe See tite. function 
The structure function $(x) tndicates the state of 
the system (function or fail) when it is in the condition 
described by x: 
¢(x) = 0 aif the system fails in condition x, 
(Meme svStem functrens in Condition -x. 
Considering the conditions of a 2-out-of-3 system 


shown in Fig. 1, we see for example that: 


6 (x7) = 0 (only component No. 3 functions; system fails), 


6 (x®) = 1 (components Nos. 1 and 3 function; system 
functons). 


Seow) wnt 


The approximations developed in this thesis are closely 


related to those conditions of the system in which it fails. 


We define a cut as any condition in which the system fails, 
igjem, “Gendition x 1S a eGuteif o%6c)=0. 


Mee 2-Out-of-3 system has four cuts: xt=(0,0,0), 


x*=(0,0,1), x3=(0,1,0) and x4=(1,0,0). The system fails if it 


1S in any of these four conditions. 





4. Cut Size and System Width 

The size of a cut x, s(x), 1s defined as the number 
of failed components in the condition described by x. For 
example, in Fig. 1 the size of xt=(0,0,0) 1s s (xt) = 3, and 
the size of x*=(0,0,1) is s(x?) = 2. 

The width of the system, m, is defined as the smallest 
size of any cut, 1.e., the least number of failed components 
that can cause the system to fail. In a 2-out-of-3 system at 
least two components must fail in order that the system fails, 
so the system width is m= 2. 

5. Failed Component Set 

For any condition x the failed component set 0O(x) 1s 
defined as the set of indices of the components that are 
failed when the system is in the condition described by x. 

In Fig. 1, 0(x4) = {2,3} and 0(x°) = {1}. 
6. @finimal Cut 

Theseoneons Of a Minimal” cut 1S important in the 
approximations developed in this paper. A cut x is a minimal 
cut if it has the following property: the "repair" of any 
failed component in the cut causes the system to function. In 


a 


the 2-out-of-3 system the conditions x? ; x? and x* are minimal 


cuts; xl is not a minimal cut. In general, a cut x is said 
fow@contain™.a cut x> if 0 (x?) 1S a proper subset of DESY . 
Consequently, a minimal cut contains no other cuts. In Fig. 
bags O(x?) = {1,2} is a proper subset of 0 (xt) = le oa x? is 
a cut, therefore, xl is not a minimal cut. Note that if the 


Size of a cut equals the system width, then the cut 1s 


Wanimal . 


a 
ts 


af a 





oe \ secs. OL. Cuts 
We define K as the set of all cuts of the system and 
Re as the set of all cuts of size s. Ce 1s defined as the 


number of cuts of size s. For the 2-out-of-3 system we have: 


i cae. 38 

Ky = the empty set Ci = 0 
a ne ee ie 

K,, (eos x * } Cy = 3 
m I ee 

K, ie | Ce = tke 


pee | ROBDABITIStIC RELIABILITY FUNCTIONS 

So far the probabilistic and time dependent characteristics 
of the component and system states have been suppressed. It is 
assumed, however, that only probabilistic statements can be 
made about the state of the components and the system, and 
that these statements have time as an independent variable. 

A system consisting of two components in sSerieS provides a 
Penvenaent example for illustrating the definitions of this 
section. Such a system functions only if both components 
PiuG@ween; LE erthexr component or both components fail, then 
the system fails. 

it eReliapi lity Function 

In the example of a two-component series system an 


important question is, "Will component No. 1 still be func- 


emeninG at time tt?” The state of component No. l, Xp is 
Cometadercd a probabilistic function of time, 1.<e., x = X(t), 
a random variable. So amore meaningful form of the above 


question is, "What is the probability x =1 at time t?" The 
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answer to this question is called the component reliability 
function, F(t). 

In general, for any i-th component the component reli- 
pty f£unction F(t) is defined as 


P(e) = Pr({i-th component is functioning at time ¢) 
at 


Pr (X, (t) = 1). 

The form of the component reliability function depends 
on the reliability characteristics of the component. In the 
two-component series system example the “exponential lifetime" 
form 1S used, 1.e., 
= at: 

2 


! 


Fy ft) e 


Sone 2S 
2 


F(t) e 
where 7 and Mis are positive constants. 

Turning our attention to the system we might ask, "What 
is the probability that the system is still functioning at 
time t?" The answer to this question is called the system 
Mewmability function F(t), i.e., 

F(t) = Pr(system is functioning at time t). 
In the two-component series system the system reli- 


ability function 1s 


F (t) 


Pr(both components are functioning at time t) 


F, (t) F(t) 


ie 








2, oystem Reliability in Terms of Cuts 

There are various methods for computing system reli- 
ability. The following method, although it appears rather 
cumbersome, proves useful in developing hazard function 
approximations. 

For any condition of the system, x, define p(x) as 
Mme probability that the system is in condition x at time t. 
It 1S assumed that the failure times of the components in the 
system are independent random variables. Consequently, p(x) 
equals the product of the probabilities that each component 
is in the state described by condition x. 

The four possible conditions of a two-component series 


System are shown in Fig. 2. 





Figure 2. Conditions of a Two-Component Series System. 


In condition x? the component states are x,=0 (Nowe w 


component has failed) and x5=-1l (No. 2 component is Func tiOname 2 


SO, p(x) = Pr(No. 1 comp. has failed and No. 2 comp. is 


Funetloning) . 


Pr(No. 1 comp. has failed) Pr(No. 2 comp. is 


PuMee? On king 
But, Pr(No. 1 comp. has failed) = 1 - Pr(No. 1 comp. is 
FUnGEVenI ng) 
= l- F(t 
i! ) 
-rA t 
ae 


a2 








mise Pr(No. 2 comp. is functioning) =e : 


“At -—~A,t 
moos, p(x) = (l-e 


The probability that the system has failed equals 
mie probability that it 1S in a condition which is a cut. 
The conditions of a system are mutually exclusive (if the sys- 
tem is in condition x it is not in any other condition xB) , 
Consequently, we can sum the probabilities of the conditions 
that are cuts to get the probability that the system has 
failed. 

The two-component series system has three conditions 
Waich are cuts, 1.ée., 

K = {xl,x2,x3}. 
The probability this system has failed is the sum over the 
conditions in K of the probabilities of being in those 
Comaitions, 1.ée., 


Pr(system has failed) = ) p(x) 
XEK 


p (xt) + p(x%) 1 p(x). 


Using the component reliability functions, F, (t) and F(t), 


-r,t =) Bye 
we have: p (xt) = (l-e = ) (l-e : ) 
aia Bias 
p(x“) eee en 
ae =A ~t 
p(x) =e 1 (l-e ee 


Summing these, 


Pr(system has failed) = 1l-e 


ue: 





Tews, F(t) 


Pr(system is functioning) 


1 - Pr(system has failed) 


-(A 4A) t 
pero OA? 


The foregoing method of calculating system reliability 
in terms of cuts has three significant characteristics: 
(1) It can be used for any system. 
(2) It requires only a knowledge of the conditions 
which are cuts. | 
(3) Cuts which have relatively small probability “can 
be ignored in order to simplify the calculation 
of approximate system reliability. 
5. Seazard= Function 
For the i-th component the component hazard function 
R, (t) is defined by 
R, (t) er OG) F(t). 
The system hazard function R(t) is similarly defined 
by 
Rit) = -log F(t). 


In the two-component series system we have 


“At 
R, (t) = -loge = Ajt, 
“A 5t 
Ro (t) = -log e ° = ot, 
-QQ,+r5)t 
ray = —Log ¢€ = (A, +A 5) t. 


Note that in this series system the system hazard function 
is the sum of the component hazard functions, 1.ée., 


R(t) = R, (t) +. R, (t). 
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The hazard function 1S very convenient to use when 
dealing with systems which can be represented as a series of 
subsystems. Each subsystem hazard function can be calculated 
Or approximated, and the system hazard function is then simply 
the sum of the subsystem hazard functions. The system reli- 
ability is the negative exponential of the system hazard 
mmmection, i.e.;, F(t) = eS a 

4. Failure Rate 

For the i-th component the component failure rate 

r, (t) 1s defined by 


= 
ics =eecmne, ( te). 
: at 


The system failure rate r(t) is Similarly defined by 


mace) = Rte yes 


c_ 
dt 
(These definitions agree with the classical definition of 

Zoiwere rate in terms of the probability density function and 


eames reliability function.) 


In the two-component series system we have 


mot) =e RAE). =ad oket = A. , 

; qe i ae 1 

met) =Vdeeka l(t) =“d-a-t =A. , 

“ ae at 1 

r(t) =ad R(t) =ad (A.trA.)t =A, +d 
ERS ae ot 2 eg 


Note that the component failure rates, My and 5 7) are con— 


—r.t 
Stant. An exponential lifetime (F(t) =e 7 ) 1s equivalent 


to a constant failure rate (r.(t)=Ar;). 
In the systems considered in this thesis all compo- 


nents have constant failure rates. 


Ike: 





Pett eee Peo SORDER APPROXIMATIONS 


Mie preobiem to be dealt with here is that of determining 
the hazard function for a large system in which all compo- 
nents have constant failure rates. It 1S assumed that the 
large system consists of a series of subsystems. Those sub- 
systems which consist of a single component or a series of 
components may be treated separately; the hazard function for 
this group 1S simply the sum of the component hazard PuUneeELOnss 
An exact formulation of the hazard function for the more com- 
plex subsystems is often difficult. The approximations 
developed in this section provide a relatively simple method 
for approximating the hazard function for these complex 
subsystems. 

(The "systems" referred to in this section should be con- 
Sidered as subsystems within a larger system. These "systems" 
always have more than one component and are more complex than 
a simple series of components.) 

iimtrativ, consider Lirst-order approximations for sys- 
tems in which all failure rates are equal to some constant 
X(>0). Once the method is illustrated in this special case, 
the generalization to systems in which component failure rates 
are not all equal is rather straightforward. 

The following example shows a direct technique for deriv- 


ing a first-order approximation to the hazard function. 


16 





Example 3-1. Consider a system consisting of three com- 
ponents each having constant failure rate X}. The system 
functions if and only if two or more of its components func- 
ion (2-Out—-of-3 system). | 
The component reliability functions are 

fai) =e ** el, 2,8" 


The system reliability function is 


= z —-3A¢t 
F(t) = 3e 2\t _ 2e 


Expand the exponentials in the system reliability function 


MeGing e ~*~ = 1 - x + x? - x3 4 
21° Gay 
We then have 


mee St SON Gee Se BE ee) 


21 31 
So (Cie ete ye ee) Os) 
21 31 
= il HOS) 2 = Be ee 


We can now derive the hazard function 
Pic) aoc (> 


me usimag the expansion of the logarithm function about 1: 


3 


=MWeq{(l-x) = x = xe eee ak 
e) 


Z 


Meee) = -llog() = 30in). + SOL)” = 2.0) 


eee) - = Give) oF eae 


The first-order approximation, then, is 

Ri(t) = 3(\t)%. 

The direct method has two drawbacks. First, an explicit 
formulation of the system reliability function is required. 
Second, the exponentials must be expanded and the coeffi- 


cients of the various powers of At must be collected. 


ry 





The indirect method of determining the first-order approxi- 
mation for the hazard function is based on the following line 
of reasoning: 

(1) Recall that K is the set of all cuts of the systen, 
and that the elements of K are mutually exclusive. Also, be- 
cause of the assumption that component lifetimes are indepen- 
dent, the probability that the system is in the condition 
described by a cut equals the product of the probabilities 
that each component is in the state described by the cut. 


(2) The reliability function can be formulated as 


Pr(system is functioning) = 1 - Pr(system has failed) 
=1- ) Pr(system in condition x). 
XEK 
(7 Fer any cut x of size s (size = no. failed comp.), 
p(x) = Pr(system in condition x) 


= (eA tC) 1 @ aaah. (l-e t) Ss. 


Consicer the value of p(x) for small values of t, 


lim p(x) = lim (eAt)B-S/j-et\s 8-4 (r<s). 
t>0 t+0 a) win 
But, lim (eAt)"-S = 1, 

t+0 

limfi-e **\5 — Ney 

t-o\ t 

limt> * =0 if r<s, 

t+0 = 


= ] if r=s. 
Maus, when x 1S a cut of size s, 


mem ox) = 0 for xr<s, 
t+0 7 


ee for r=s. 
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For small values of t we have the approximation 


Pea jot). 


(4) Recall C. 1s the number of cuts of size Ss, and m is 
the smallest value of s such that Cee (m = system width.) 
F(t) = Pr(system is functioning) 
=1- ) p(x) 
XEK 


Ile 


n 
1) ela 
s=m * 
=1-c (At)™. 
m 
(5) The first-order approximation for the system hazard 
function is derived from the foregoing approximation for the 


Saecem reliability function. 


R(t) = -log F(t) 


ec =e tea) 
m 


cA t)™ = R(t) where R1 (t) 1s the first-order 
approximation for the system hazard function. 

In summary, when all component failure rates are equal the 
first-order approximation for the system hazard function can 
be determined in three steps: 

a. Determine the system width, m. 

hb. Determine the number of cuts of size m, ct 


c. Calculate R1(t) = c(t)”. 


Eeemple 3-2. Apply the foregoing method to the 2=out-oise 


a7sSstem. 


a. At least two components must fail for the system to 


fail, so the system width is two (m=2). 


I, 





b. There are three cuts of size two, so = = 3. 


Ge conscequently, R(t) = € (oe 3(At)*. 
m 


When the component failure rates are not all equal the 
first-order approximation for the hazard function is derived 
by the same line of reasoning used in (1) through (5) above. 
The essential @adifference is in the form of p(x). 

ifet so be aecut Of Size S. Recall O(x) = {i:x,=0}, and 
K_ = {cuts of size s}. By the assumption of independent com- 


S 


ponent lifetimes, 


-~A t -’\ .t 
p(x) = I a (l-e 1+). 
ig0 (x) ic0 (x) 
There are s elements in 0(x), so 
p(x) = I eo” I =e ey (5) 5 
r 64x) ake Oe) (e 
eed lam p(x) = 0 BKse 
taa0 ip 
= IT r: r=s. 
re Cx) 
Mans, for small t, p(x) = > oT i 
el (x) 


The system reliability function 1S approximated by 


F(t) =1- ) p(x) 
XEK 
mM 


m 


Ile 
a) 
t 

ct 


II rn. 
xeK ie0(x) + 
m 


The first-order approximation for the system hazard func- 


tion follows from 
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R(t) 


-log F(t) 


Ile 


wee” tw X= R(t). 
xXEK Teo) 
m 
In summary, when the component failure rates are not all 
equal the first-order approximation for the system hazard 
function can be determined in three steps: 
a. Determine the system width, m. 
a FEoupeachncubexain Kn calculate the product 


I 6 = eel Mes 
icO(x) + ie0(x) * 

c. The first-order approximation R+(t) is the sum of 
these products over all x in Ka! Lee; 


R(t) = emf ie 


SEK oo LEO (xX) : 
™m 


The following example illustrates the method. 


Ewemple 3-3. Consider a 2-out-of-3 system with component fail- 


ure rates Awe A and ee Recall that the cuts of the system 


ase s 


*~ 
fe 
| 

—— 

>) 
~~ 

>) 
~= 

7) 
~= 


x? = (O70 71), 
7 = "(070 , 0) ; 
aac x4 =e OF, 0). 
Thus, K, = {x2, x, x4}, and K, = {xl}, 


The width of the system is m= 2. 


For each cut x in K, foun. the product Pe a 
x: Arab? 
x? nee, ee 
md eee 


Zl 





Summing these products, 


R1(t) 


™m 
Saag) I dh. 


XEK 1€0(x) 
m 


se ise 


3 + Ne 


2 a 


2 
1 (AjA5 


If the component failure rates had been equal, A 


\ 


3 ee 


Ri(t) = t2(347) = 30t)°¢. 


The first-order approximation for 
tion contains three approximations: 


(1) 


(2) Pr(system has failed) 


) 


xeEK 
m 
(3) -log(1-Pr(system has failed) ) 
Approximation (1) has an error of 
A;t<s0.10. 
Gieegreater. 
The error in approximation (2) 1s 
probability that the system fails due 
than system width m. The accuracy of 
when relatively unreliable components 


component set for any cut of size m. 


is greater than 0.95 the cuts of size 


al 


 S 
2 


then the above answer would reduce to 


the system hazard func- 


For any i-th component with constant failure rate A., 
at 


pi). 


Pr(system has failed). 


less than 5% when 


This corresponds to a component reliability of 0.9 


directly related to the 
to a cut of size greater 
approximation (2) suffers 
are not in the failed 


When system reliability 


Meusua lly saecoune, seis 


enough of the probability of system failure to make approxima- 


tion (2) acceptable. 
Approximation (3) has an error of 


Beltaorlity 1S greater than 0.90. 


22 


less than 5% when system 





As a rule of thumb we say that the first-order approxima- 
tion for the system hazard function is uSually acceptable when 
all component reliabilities are greater than 0.9 and the sys- 


tem reliability 1S greater than 0.95. 
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IV. FIX-UP AND SECOND-ORDER APPROXIMATIONS 


In this section we develop methods for improving upon the 
first-order approximation for the system hazard function. 
The first method developed, the fix-up approximation, is not 
alwayS a more accurate approximation than the first-order 
approximation, but it always errs on the "safe side." The 
other method developed, the second-order approximation, 1S 
always at least aS accurate as the first-order approximation, 


in most cases it 1S significantly more accurate. 


A. THE FIX-UP APPROXIMATION 

The first-order approximation of the system hazard function 
may not be acceptable if comparatively "weak" components do not 
appear in any of the cuts of size m (m = system width). The 
following example illustrates this situation ana provides a 


heuristic approach to the fix-up approximation. 


Example 4-1. Consider the hydraulic pump system shown in Fig. 


Ss 





Figure 3. Hydraulic Pump System - Physical Arrangement. 
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fe upper mranch funetions if No. 1 functions. The lower 
Biemen functions if No. 2 functions and either No. 3 or No. 4 
functions. The system functions if either the upper or lower 
branch functions. 


The cut representation of the system is shown in Fig. 4. 





Figure 4. Hydraulic Pump System - Cut Representation. 


The first-order approximation for the system hazard func- 
Eron 1.S R(t) = A date. This completely ignores the failure 
rates of Nos. 3 and a If Nos. 3 and 4 are considerably less 
reliable than Nos. 1 and 2, the accuracy of the first-order 
approximation may not be acceptable. An obvious "fix-up" 
would be to get a first-order approximation based on the cut 
in which Nos. 1, 3 and 4 are failed, and add this to the pre- 


vious approximation, 1.e., 


F Er 3 
ret) R-(t) + AyrAarQt 


ND ee cea aa ns ae 


3 
i 2 cc oe 


The "fix-up" approximation for the system hazard function, 
Rea(t), shown in Example 4-1 1s sometimes a simple method for 
improving the accuracy of the first-order approximation. It 


can be derived for any system in the following manner: 


= 


Zi 








a. Identify all minimal cuts of the system. 
Pre, Om any minimal cut x, let s(x) = size of x. 
c. Let = {all minimal cuts}. 


aeeeeten, 2 (t) = jy eo) 7 4: 


xeK,, 1¢€0 (x) 


For illustration, apply these steps to Example 4-1: 


a. There are two minimal cuts, 
xl = GOT 071631); 
ek 
x = (O7.150',.0) ; 


Cc Ky = {x1 x2}, 
Pe ree = Pek) 
xEK,, anc) 


2 3 
t (Ajr5) ah He (AJA 3A g) 


a 2 3 


The rationale behind the fix-up approximation can be sum- 
marized in the following manner. We treat each minimal cut x 
as 1f the system width were s(x). We then calculate the 
"contribution" of the minimal cut x to the first-order approxi- 


mation for the system hazard function, tS (x) I d; . These 
dhe 0) (3) 


contributions are summed over all minimal cuts, and the result 
Pemeyve fix-up approximation. 

The fix-up approximation for the system hazard function is 
always greater than the actual system hazard function, l.e., 


RP (t)>R(t). 
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Recall that all cuts of size m are minimal cuts, so Ke 1s 


a subset of Moe Consequently, 


ree) = ) ir ee a he =e toe 
xeK, 1€0 (x) = x€K LEDS) 


In view of these inequalities the fix-up approximation is 
less accurate than the first-order approximation whenever the 
first-order approximation is "pessimistic" i.e., whenever 
RI (t)>R(t). 

It 1S important to note that the fix-up approximation does 
provide an upper bound on the system hazard function and, 
therefore, it leads to a lower bound on system reliability. 

If errors of "optimism" are to be avoided, the fix-up approxi- 
Mation has the virtue that any errors will be errors of 
“pessimism. " 

The methods for approximating the system hazard function 
shown in Ref. 3 give results which are equivalent to the f1ix- 
up approximation. (Unfortunately, these methods cannot be 
applied unambiguously to some systems, e.g., the 2-out-of-3 


system.) 


pee tae SECOND-ORDER APPROXIMATION 
When component failure rates are constant it is always 
possible to express the system hazard function as a power 


series: 
Pee = )) arte 
Oe 


where a. is a function of the component failure rates. It was 
J 


oy 





shown in developing the first-order approximation that a = 0 
when j 1s less than the system width m. Consequently, the 
power series expansion of R(t) can be written: 


sand ® 
Rae) = ) a.t 
j=m 7 
The first-order approximation was simply the first term 
in the power series expansion of R(t), l.e., 


R1(t) =a tm 
m 


where an ) II A; 
XxEK 1€0(x) 
m 
The second-order approximation for the system hazard func- 
tHon, R“(t), consists of the first two non-zero terms of the 
power series expansion of R(t), l.e., 


2 m 
— mead 
R (t) a t a 2G 


One method for calculating the second-order approximation 
is the direct approach (see Example 3~1). To illustrate this 
method consider the system in Example 4-1. 

The system reliability function is 


-rA.t -.t -rAr t A t -A t -(A_+A .)t 
mie = e 1 +(jl-e 1 ye 2 (e 3 +e 4 -e ms I 


The direct approach consists of three steps: 


a. Expand the exponentials in F(t) using 


PeeeGcollect termenin the expanston of F(t) according to 


powers of t. 
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Swe omnutrate the hazard function wsing 
pleg(@l=x).= x= x? RS ee 

2 

Applying these steps to the system in Example 4-1 results in 


the following power series expansion of the system hazard 


fFumetion: 
2 


Rate) =A At + (A .A_A.-lA 
oe 1 2 1 > 


3 4 
nN +i + ; 
aT : 1 Os is (terms of order t°) 


Consequently, the second-order approximaticn for the hazard 


function of this system is 


2 2 | 3 
= su = 
Eee te ) AjAot (AA aA seal Sy - 


Note that the second-order approximation in this example in- 


eimees the first-order and the fix-up approximations, 1.¢e., 


2 2 3 S 
Pome) = ATA Ct FA Meet = Ded AL) 
= 1 2 134 plete) 

i 3 3 
=i Rete Je ATA Sel othe EX 
A rere ere) ary 
= RF (t) - JAA, (A +A ee 
Be 


Bne direct approach 1S a rather tedious method for calcu- 
lating the second-order approximation. In this section we 
develop a more efficient method. The development of this 
method uses the following line of reasoning: 


(1) We know that 


m+] m+ 2) 


te + (terms of order t 


_ m 
R(t) = at + a+] 


Suppose F(t) could be expressed as a power series of the 
form 
m+2) _ 


mee) = 1) = b tt - pb i + (terms of order t 
m m+1 


Since m>2 (we do not consider simple series systems), we would 


have, 
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Mog E(t) = slog pcr a emt ts (terms of order tMt2)) 
m+l1 
= bet +. 5b emtd + (terms of order tMt2) | 
m m+1 
But, -log F(t) = R(t), so corresponding terms of the power 


series expansion must be equal, i.e., 


Consequently, we will have the desired second-order ap- 
proximation for the system hazard function if we can express 
iaeevin the form 


Wee) = l=-a a = Val pmtl + (terms of order EMt2) 
m m+1 


(2) We know that 
fee) = = Pr(system has failed), 


and Pr(system has failed) = } p(x). 
XEK 


So we weulc hope that ) p(x) can be expressed in the form 
MEK 

) Pigs) ="ae tra eae 

me = 


+ (terms of order tmt2y | 


Such an expression is possible if and only if for all cuts x 
in K there exist functions (of the component failure rates) 


Goes) and d (x eenen thac 
m m 


+] 


m+1 


= m m+2 
p(x) = d(x) t oa dtp (Xt + (terms of order t ) 


If for every cut x, p(x) can be expressed in the above form, 


then 
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Pie) = 1 - } p(x) 
xen 
uf 
=1-J)d4(¢x)t™- J a. (xem 
sige dM ver m+1 
+ (terms of order t™t4), 
ama R(t) = J di (x)t™ + J aii ¢xpt™ 


XEK XEK 
ms we see that the problem of finding a second-order 
approximation for the system hazard function can be solved by 


finding a second-order approximation for p(x) for every cut 


m, 1.e., 
pix) = d(x) tm + sha (Eats + (teums Of sOrder tMt2) 
2 mM 4 m+] 
d(x) t dat) (xt 
(3) Under the assumptions that component failure rates 


are constant and component lifetimes are independent we have 


hot amy cut x: 


p(x) = Pr(system in condition x) 
“A .t - t 
ee e II (l-e 12 ) 
iZ0 (x) ic0 (x) 


The first product in p(x) can be expanded as follows: 


es 
Mm et = J (li eee eee) 
iz0 (x) if0(x) = 
Slo te pean) (Oelcha ise fepe cheel=15 t). 
igO(x) 7 


Tee esecond product in p(x) can be expanded as follows: 


ul! 





“rv .t 
1 


Melce  ) = A (t= 1 ey? + 222 


ic0 (x) LE (So) 2 1 
= I a aii Ne (3) Noe 
icO(x) 1 2 icO(x) + ied(x) 2 
eat ey dh. [1-1 ) ene 
FEC) ee 2 icO(x) 1 
+(terms of order t?) ] 
memere Ss = the size of the cut x. 


Multiplying these expansions of the products in p(x), we have: 


p(x) = f{1-t } Me 2 eRe h;[1-1t } eee ono gl 
igO(x) > ie0 (x) 2 i€0(x) 


=e nit Na (ile ( 
ie0 (x) 


+(terms of order £7)] 


Thus, for any cut x size s we have 


peor da(x)t? + ee cece + (terms of order tt 


) 


where d_(x) = II rn: 
: icO(x) 7 
andra 0 (== el oe ae re) ee 
ats ie0 (x) Deo 170(x) = 


Summing p(x) over all cuts according to size we have: 


a2 





Doe = } [d_ (x) t™ at ste eo ails 


XEK xeK, 
+ (terms of order tMt+2) y 
ae y (GLa Gs) + (terms of order eae 
IE 


+ (terms of order tMt2) 
a 


JS 2 


= m m+ 1 
= : Shes) toot cal doy (el + en dp (x) I]t 
m m eAm+1 
+ (terms of order t™*2) 
(4) As was shown in (2), the above expansion of J) p(x) 


xe K 
leads immediately to the second-order approximation for the 


Nazated function, 1.¢e., 


Re(t) = J day(xt™+ £3) digi) + Yo ayy (xy) em 
XEK xe xEK 44 
where 
mM = cn 
xXxEK Sue hima Le 0 (se) 
m m 

mdi a(x) = - Tl eae Olas) he + J hs] 
xeK MERE xeK, icO(x) ~ 2 i€O(x) : 120 (x) : 

) Cone) = ) II hs 

m+] at 

x€eK 47 x€eK 4) ave Ones) 


This form of the second-order approximation has the follow- 
ing properties: 

a. Only cuts of size m and size m+l need be considered. 

b. The first term of the second-order approximation is 


paesfirst-orcer approximation, i.e., 


Se 





i a Gia” = R(t). 


xe KL 

c. It is equivalent to the approximation that would result 
from using the direct approach. 

The following example illustrates the calculation of the 
second-order approximation and points out a computational 


smortcut. 


Example ‘2. Calculate the second-order approximation for the 
system described in Example 4-1. 
(a) System width is m= 2. 
(b) There is one cut of size 2: x! = (0,0,1,1). 
Sok = (x15 
(c) There are three cuts of size 3: 
= (el, 0 0) | 


(0,0,1,0), 


*~ 


4 = (19) 2) a 


So, K, = {x2,x3,x4}. 
2 


(Mete that x 3 


4 


is a Minimal cut but x” and x* are not minimal 


Sucs.) 


(a) Calculate )} Shale) = - 
XEK, 


dy (x)t? = dg(xtyt? = te? M Ay = Aqdgt? 
x€K5 ace 07 eae) 


(e) Calculate } oes) eae . We will carry out this 
XEK 
m 


Gameulation in two parts: 


ae ya | 


. ee 3 
| 4 A; ]t = -]\ .i (A, ge.) Ae 
XEK 5 re 0 (x) 


1 } 
> ic€0(x) zy 12 
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Set OWE = =X eat? = NaN te 
xeK, re 0) * igo(x) 7 nie 2 ee 


(The latter pair of terms will be cancelled when we con- 


Sider the cuts in ne which are not minimal cuts.) 


(£) Calculate } lees) cts 
Semel 
3 (Geo Moa ee 
SESE RSet? 
ax?) te = se es 


(The last two terms will cancel terms from (e).) 


(a) "Sum the results of (d), (e), and (£). 


2 - ies: 3 3 

R* (t) AyArA5t a oer + NASBA gt 
In the foregoing example the terms -d, (x3) t° and -d, (x*)t3 
ly)¢3. This is a consequence of the fact 


3 A 


appear in the term d3 (x 


that x! is contained in both x? and x ie ed = ar 0 (xt) isa 


proper subset of both 0 (x3) and 0(x4). We formalize this re- 
sult in the following manner: 

For each cut x” of size ieee v (x*) be defined as the 
number of cuts of size m which are contained in x*. The term 


Cg Wael appear in ) dena) Coe with the coeriveemc 


xEK, 


Gn+1 eo) t 


Mt] wid) appear in 


~v(x*). Consequently, the term Eng (xa) 
p2 (t) with the coefficient le vate) a and this is true for each 


cut x~ of size m+l. Thus we may rewrite R2(t) in the form 


30 








2 
Rt) = } daitx)t™ - 


TS dec Ch awe ed eee ae 
xeK Z xEK, Ie Osc) 
+ } (eval. aeyie 
XEK 
m+] 


Thus, the second-order approximation for the system hazard 
function can be calculated using the following method: 

(a) Determine the system width m. 

(5) oaidentiiy each cut of size m. 

we) “Fer ecach@cue of size m compute: 


Gl). Wicket) = Fil ek 
- lod 0 Oe = 


2).5n h; 
1€0 (x) 
(d) Identify each minimal cut of size m+l, and compute 


dit] (*) = a hs ; {Note that v(x) = 0 for minimal 
1€0 (x) 


ents.) 

(e) Every non-minimal cut of size m+l contains at least 
Sie GUENOor Size vm, tve., vV(x)21. Identify those non=- 
minimal cuts of size m+l which contain more than one cut 

of size m, and compute CS Vey (x) for each of these. 
(If we miss some terms here, the error is usually small and 
always on the "safe side.") 

(f) Use the terms calculated in (c), (d) and (e) to 
calculate R(t). 


The following example illustrates the method. 


Example 4-3. In the system discussed in Example 4-1 place an- 
other pump, No. 5, in series with No. 1. The resulting system 


VSMsHown in Fig. 5. 
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Figure 5. Pump System - Physical Arrangement. 


The second-order approximation for the system hazard 
function is calculated as follows: 

(a) At least two pumps must fail in order for the sys- 

tem to fail, som = 2. 


(ob) The cuts of size 2 are: 


Me = 0) Only ed) (Nos. l and 2 have failed) 
x* = (1,0,1,1,0) (Nos. 2 and 5 have failed) 
l e 
fe dso(xe) = AA ) =i. +A 
‘ le ic0 (xt) : é 
2 
dave") = AA ) ae = Nee) 
D OS fo (x2) 2 2 5 
(d) Tiere are two Minimal cuts of size mtl = 3: 
x? = (0,1,0,0,1) (Nos. 1, 3 and 4 have failed) 
x? = (1,1,0,0,0) (Nos. 3, 4 and 5 have failed). 
7 
da (x ) = AA ary 
4 
=) AA 
d(x ) HOE 


(e) The cut x> = (0,0,1,1,0) contains both x? ana x?, 
ime) Ore) = {1, 2} 

Oe) = (2, 5} 
and both of these are proper subsets of O(x?) = {1 .2, S53 
Sor v (x?) = 2, 


and (1-v (x?) ) d(x?) = - AJAa\e 


oY 








Pee enerenon-Mminimal cuts Of Size 3 contain only one cut 
om cue, 2, 1 -e.0 1-V ix) = 0. 
(f) Using the terms from (c), (d) and (e) we have 


2 _ ae 3 
Ro(t) = (AyAgtHoAg)t LIX jh, * 4) AA AH ,) I]t 


+ (A A 3A gtr Nea 


3 
3 45 Ag)t” . 


1 
The most difficult task in formulating the second-order 
approximation is the identification of the non=-minimal cuts 
of size m+l which contain more than one cut of size m. Aside 
Mrom this difficulty the second-order approximation 1s con- 
Eoptualiy no mere difficult than the fix-up approximation. 
Hand calculating the second-order approximation may be rela- 
tively tedious. Whether increased accuracy is worth extra 
effort is a difficult question in almost any context; we only 
note that in many cases the error of the second-order approxi- 
Mation is less than one-tenth the error of the fix-up 


approximation. 
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